Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/424bd1-953b-4262-8396-c7bf95e5ab7b/1/lPBBBZIDSqk9QiaG8MI9cZbVfNc.roa
File: lPBBBZIDSqk9QiaG8MI9cZbVfNc.roa (raw, json)
Hash identifier: RC/K9OyGJE17A/lM0FvYhkYCn/M/uFQ3kbWlqxqFLqA=
Subject key identifier: 94:F0:41:05:92:03:4A:A9:3D:42:26:86:F0:C2:3D:71:96:D5:7C:D7
Certificate issuer: /CN=02640bccb7171f199c43a0a974cab827ed18e750
Certificate serial: 0883CB4A
Authority key identifier: 02:64:0B:CC:B7:17:1F:19:9C:43:A0:A9:74:CA:B8:27:ED:18:E7:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AmQLzLcXHxmcQ6CpdMq4J-0Y51A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/424bd1-953b-4262-8396-c7bf95e5ab7b/1/lPBBBZIDSqk9QiaG8MI9cZbVfNc.roa
Signing time: Sat 01 Jan 2022 16:02:22 +0000
ROA not before: Sat 01 Jan 2022 16:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15600
IP address blocks: 185.33.224.0/22 maxlen: 22
2a00:ce20::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142854986 (0x883cb4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02640bccb7171f199c43a0a974cab827ed18e750
Validity
Not Before: Jan 1 16:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94f0410592034aa93d422686f0c23d7196d57cd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:76:1a:c5:3d:06:84:2e:9d:e5:37:17:cc:e4:
ef:aa:39:b0:c3:dd:6a:dc:bc:5c:58:73:d3:0d:12:
4d:98:ad:dd:9c:cd:b4:99:32:18:45:97:54:9a:b8:
8e:b5:b9:24:fb:54:82:1b:e4:d2:3f:53:33:f1:44:
57:5b:23:c1:ce:95:ba:7e:bc:af:5c:eb:d8:2f:e3:
ed:14:79:1b:6a:6b:06:57:c8:9b:76:f5:06:bf:95:
b8:6e:00:dc:c5:72:d2:eb:d2:2c:d8:71:24:32:70:
e2:cc:c7:2b:8b:39:65:41:e9:19:5a:25:3a:ba:80:
6c:4a:15:bb:bf:0f:c6:c2:8b:7a:a1:30:39:0b:4d:
f9:55:f2:21:a5:9d:05:70:ea:b1:6d:b1:6f:73:20:
7d:4a:ac:cf:d3:43:3b:ae:eb:3a:13:36:69:97:fe:
5a:2c:b2:59:ef:16:a2:c4:8c:49:f0:b3:80:ee:ce:
73:fa:4a:d7:2f:45:1e:c0:fb:09:9d:92:2c:9e:00:
0e:7e:9f:57:cf:31:ca:99:73:51:e0:be:09:a0:47:
4f:27:9f:f4:53:75:70:e5:4e:58:0c:38:c3:5b:3a:
f3:05:53:d3:38:d7:ef:fd:60:95:17:85:99:7d:33:
7b:dc:de:1f:d2:97:ba:c5:3c:c2:88:94:b4:f1:32:
04:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F0:41:05:92:03:4A:A9:3D:42:26:86:F0:C2:3D:71:96:D5:7C:D7
X509v3 Authority Key Identifier:
keyid:02:64:0B:CC:B7:17:1F:19:9C:43:A0:A9:74:CA:B8:27:ED:18:E7:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AmQLzLcXHxmcQ6CpdMq4J-0Y51A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/424bd1-953b-4262-8396-c7bf95e5ab7b/1/lPBBBZIDSqk9QiaG8MI9cZbVfNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/424bd1-953b-4262-8396-c7bf95e5ab7b/1/AmQLzLcXHxmcQ6CpdMq4J-0Y51A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.224.0/22
IPv6:
2a00:ce20::/29
Signature Algorithm: sha256WithRSAEncryption
7e:e2:bf:a1:8e:54:09:70:0e:f3:f4:2e:29:2a:d4:63:6f:36:
f8:da:4f:02:09:f1:92:24:51:b6:c2:17:cc:bb:73:38:94:22:
b5:71:4a:33:77:48:88:de:09:e1:3b:8b:8f:38:39:f4:5e:de:
4c:7d:3a:c1:b3:e5:34:a4:57:dd:c3:48:92:2c:7b:b3:a4:80:
7e:19:57:4f:6a:da:b8:e3:76:c9:b7:75:9c:8b:77:c9:bc:b1:
0d:b7:95:05:1c:30:b4:b1:7b:0c:1e:21:06:db:97:4f:95:78:
d7:e7:5a:a8:37:59:1c:e3:71:db:e6:a6:0f:5b:e1:1a:dc:51:
09:84:2f:0c:ce:08:79:ca:9b:12:81:60:ca:76:6b:fe:42:71:
38:5f:83:10:fa:26:fd:e2:96:25:6e:cd:c6:35:45:f3:19:64:
bf:4c:dc:fb:09:c6:3e:d0:16:42:c8:39:df:5e:ab:5e:d1:6e:
de:99:ca:12:3c:9e:e1:68:32:23:24:ac:a3:18:ee:15:5d:3d:
4c:fb:47:e1:13:1d:b0:3c:6b:87:a9:dc:af:16:c0:c1:9b:b3:
ed:c6:7e:6c:38:69:14:9d:4b:06:25:ad:c5:00:50:eb:4e:60:
18:70:ac:e1:13:ce:30:ff:36:5f:40:4e:c9:28:67:26:53:fd:
18:06:e4:51
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECIPLSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MjY0MGJjY2I3MTcxZjE5OWM0M2EwYTk3NGNhYjgyN2VkMThlNzUwMB4XDTIyMDEw
MTE2MDIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRmMDQxMDU5MjAz
NGFhOTNkNDIyNjg2ZjBjMjNkNzE5NmQ1N2NkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOR2GsU9BoQuneU3F8zk76o5sMPdaty8XFhz0w0STZit3ZzN
tJkyGEWXVJq4jrW5JPtUghvk0j9TM/FEV1sjwc6Vun68r1zr2C/j7RR5G2prBlfI
m3b1Br+VuG4A3MVy0uvSLNhxJDJw4szHK4s5ZUHpGVolOrqAbEoVu78PxsKLeqEw
OQtN+VXyIaWdBXDqsW2xb3MgfUqsz9NDO67rOhM2aZf+WiyyWe8WosSMSfCzgO7O
c/pK1y9FHsD7CZ2SLJ4ADn6fV88xyplzUeC+CaBHTyef9FN1cOVOWAw4w1s68wVT
0zjX7/1glReFmX0ze9zeH9KXusU8woiUtPEyBI8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSU8EEFkgNKqT1CJobwwj1xltV81zAfBgNVHSMEGDAWgBQCZAvMtxcfGZxD
oKl0yrgn7RjnUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FtUUx6TGNYSHhtY1E2Q3BkTXE0Si0wWTUxQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvNDI0YmQxLTk1M2ItNDI2Mi04Mzk2LWM3YmY5NWU1YWI3Yi8x
L2xQQkJCWklEU3FrOVFpYUc4TUk5Y1piVmZOYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
NDI0YmQxLTk1M2ItNDI2Mi04Mzk2LWM3YmY5NWU1YWI3Yi8xL0FtUUx6TGNYSHht
Y1E2Q3BkTXE0Si0wWTUxQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkh4DANBAIAAjAHAwUDKgDOIDAN
BgkqhkiG9w0BAQsFAAOCAQEAfuK/oY5UCXAO8/QuKSrUY282+NpPAgnxkiRRtsIX
zLtzOJQitXFKM3dIiN4J4TuLjzg59F7eTH06wbPlNKRX3cNIkix7s6SAfhlXT2ra
uON2ybd1nIt3ybyxDbeVBRwwtLF7DB4hBtuXT5V41+daqDdZHONx2+amD1vhGtxR
CYQvDM4IecqbEoFgynZr/kJxOF+DEPom/eKWJW7NxjVF8xlkv0zc+wnGPtAWQsg5
316rXtFu3pnKEjye4WgyIySsoxjuFV09TPtH4RMdsDxrh6ncrxbAwZuz7cZ+bDhp
FJ1LBiWtxQBQ605gGHCs4RPOMP82X0BOyShnJlP9GAbkUQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:17 2023 by rpki-client on console-ams.rpki-client.org